1 min read

Macys.com checkout page hacked; customers advised to be vigilant of fraud

Filip TRUȚĂ

November 19, 2019

Macys.com checkout page hacked; customers advised to be vigilant of fraud

American department store chain Macy”s has suffered an embarrassing data breach, leaving hackers with access to customers” personal and financial information, including credit card numbers and even card security codes.

In a letter to affected customers, Macy”s reveals that an unknown cybercriminal or group of hackers targeted macys.com with malicious code placed strategically at the checkout page and My Account wallet page to grab credit card information for fraud.

The company noticed suspicious activity on October 15 and started an investigation. It then learned the hack had occurred on October 7, giving attackers eight days to steal personal and financial data to carry out fraud and identity theft.

According to the notice, cybercriminals “potentially” accessed customers” first name, last name, address, phone number, email address, and payment card number, security code and expiration date, as well as other values typed into the webpage while on the macys.com checkout page or the My Account wallet page.

“Customers checking out or interacting with the My Account wallet page on a mobile device or on the macys.com mobile application were not involved in this incident,” Macy”s said.

In a bid to protect customers against phishing scams leveraging this stolen data, the company underscores that it will never ask customers to provide their macys.com password or security question answers by phone, email, or text.

In traditional data-breach fashion, Macy”s will foot the bill for a year”s worth of credit card monitoring for all affected customers. The company also instructs customers to “remain vigilant for incidents of financial fraud and identity theft by regularly reviewing your account statements and immediately reporting any suspicious activity to your card issuer.”

Customers can also contact their card issuer and inform them of the macys.com breach, as well as ask for appropriate steps to protect their account.

tags


Author



Right now

Top posts

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read
Mobile security threats: reality or myth?

Mobile security threats: reality or myth?

June 13, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands
Graham CLULEY

July 23, 2021

3 min read
Homoglyph domains used in BEC scams shut down by Microsoft Homoglyph domains used in BEC scams shut down by Microsoft
Graham CLULEY

July 22, 2021

3 min read
China Sets Up New Worrying Vulnerability Disclosure Rules China Sets Up New Worrying Vulnerability Disclosure Rules
Silviu STAHIE

July 20, 2021

1 min read